(Optional) To Use Digital Certificates
for Server and Client Authentication

The WAN boot installation method can use PKCS#12 files to perform an
installation over HTTPS with server or both client and server authentication.
For requirements and guidelines about using PKCS#12 files, see Digital Certificate Requirements.

To use a PKCS#12 file in a WAN boot installation, you perform the following
tasks.

Specifies the name of the client's private key file that was
created in the previous step

-s /etc/netboot/net-ip/client-ID/keystore

Specifies the path to the client's keystore

-o type=rsa

Specifies the
key type as RSA

Example 12–6 Creating a Trusted Certificate for Server Authentication

In the following example, you use a PKCS#12 file to install client 010003BA152A42
on subnet 192.168.198.0. This command sample extracts a certificate from a
PKCS#12 file that is named client.p12. The command then
places the contents of the trusted certificate in the client's truststore file.

Before you execute these commands, you must first assume the same user
role as the web server user. In this example, the web server user role is nobody.